<?php
error_reporting(7);

if (!isset($_POST[action]) AND trim($_POST[action] == "")) {
        $action = $_GET[action];
} else {
        $action = $_POST[action];
} 

if (empty($action)) {
        $action = "view";
} 

if ($action == "view") {
        $templatelist = "favorite,usercp_navbar,navbar_favorite";
        require "global.php";

        if ($pauserinfo[userid] == 0) {
                show_nopermission();
        } 

        eval("\$navbit = \"" . gettemplate('navbar_joiner') . "\";");
        eval("\$navbit .= \"" . gettemplate('navbar_favorite') . "\";");
        eval("\$navbar = \"" . gettemplate('navbar') . "\";");

        unset($bgcolor);
        $bgcolor[favorite] = "bgcolor=\"$style[firstalt]\"";
        eval("\$usercp_navbar = \"" . gettemplate('usercp_navbar') . "\";");

        $favorites = $DB->fetch_one_array("SELECT COUNT(*) AS count FROM " . $db_prefix . "favorite
                                              WHERE userid='$pauserinfo[userid]'");

        $pauserinfo[favorites] = $favorites[count];

        $space[used] = ceil(($pauserinfo[favorites] / $favoritelimit) * 100);

        $space[left] = 100 - $space[used];
        eval("\$status = \"" . gettemplate('favorite_spacestatus') . "\";");

        if ($pauserinfo[favorites] > 0) {
                $articles = $DB->query("SELECT article.*,favorite.*,sort.sortid,sort.title AS sorttitle FROM " . $db_prefix . "favorite AS favorite
                                         LEFT JOIN " . $db_prefix . "article AS article
                                              USING (articleid)
                                         LEFT JOIN " . $db_prefix . "sort AS sort
                                              USING (sortid)
                                         WHERE favorite.userid='$pauserinfo[userid]'
                                         ORDER BY date DESC");
                while ($article = $DB->fetch_array($articles)) {
                        $article[date] = padate("Y-m-d", $article[date]);
                        $article[adddate] = padate("Y-m-d", $article[adddate]);
                        eval("\$articlelistbit .= \"" . gettemplate('favorite_articlelistbit') . "\";");
                } 
                eval("\$articlelist = \"" . gettemplate('favorite_articlelist') . "\";");
        } else {
                eval("\$articlelist = \"" . gettemplate('favorite_articlelist_none') . "\";");
        } 
        eval("dooutput(\"" . gettemplate('favorite') . "\");");
} 

if ($_GET[action] == "add") {
        $templatelist = "";
        require "global.php";

        if ($pauserinfo[userid] == 0) {
                show_nopermission();
        } 

        $articleid = intval($_GET[articleid]);

        if (empty($articleid)) {
                $nav = $_SERVER["REQUEST_URI"];
                $script = $_SERVER["SCRIPT_NAME"];
                $nav = ereg_replace("^$script", "", urldecode($nav));
                $vars = explode("/", $nav);
                $articleid = intval($vars[1]);
                if (!empty($vars[2])) {
                        $pagenum = intval($vars[2]);
                } 
        } 

        $article = validate_articleid($articleid);

        $favorites = $DB->fetch_one_array("SELECT count(articleid) AS count FROM " . $db_prefix . "favorite WHERE userid='$userid'");

        if ($favorites[count] >= $favoritelimit) {
                show_errormessage("error_favorite_fulled");
        } 

        $checkexist = $DB->query("SELECT articleid FROM " . $db_prefix . "favorite
                                               WHERE userid='$pauserinfo[userid]' AND articleid='$articleid'");
        if ($DB->num_rows($checkexist) == 0) {
                $DB->query("INSERT INTO " . $db_prefix . "favorite (userid,articleid,adddate)
                           VALUES ('$pauserinfo[userid]','$articleid','" . time() . "')");
        } 
        $pagenum = intval($_GET[pagenum]);
        if (empty($pagenum)) {
                $pagenum = 1;
        } 
        redirect("$phparticleurl/article.php/$articleid/$pagenum", "redirect_favorite_success");
} 

if ($_POST[action] == "delete") {
        require "global.php";

        if ($pauserinfo[userid] == 0) {
                show_nopermission();
        } 

        if (empty($_POST[article]) OR !is_array($_POST[article])) {
                show_errormessage("error_favorite_unselect");
        } 
        foreach ($article AS $articleid => $value) {
                $DB->query("DELETE FROM " . $db_prefix . "favorite WHERE articleid='" . intval($articleid) . "' AND userid='$pauserinfo[userid]'");
        } 

        redirect("$phparticleurl/favorite.php", "redirect_favorite_deleted");
} 

?>